STIGQter: STIG Summary: IBM DataPower ALG Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 25 Jan 2016:

The DataPower Gateway providing content filtering must generate a log record when unauthorized network services are detected.

DISA Rule

SV-79775r1_rule

Vulnerability Number

V-65285

Group Title

SRG-NET-000385-ALG-000137

Rule Version

WSDP-AG-000109

Severity

CAT II

CCI(s)

• CCI-002684 - The information system audits and/or alerts organization-defined personnel when unauthorized network services are detected.

Weight

10

Fix Recommendation

Using the WebGUI, go to Network >> Management >> Web Management Service. Check the "WS-Management endpoint" checkbox. Configure an IP and port for the WS-Management endpoint to connect to.

Check Contents

Using the WebGUI, go to Network >> Management >> Web Management Service. Verify that the "WS-Management endpoint" checkbox is checked and that an IP and port for the WS-Management endpoint to connect to is configured.

If the WS-Management endpoint is not enabled (checked) or not configured, this is a finding.

Vulnerability Number

V-65285

Documentable

False

Rule Version

WSDP-AG-000109

Severity Override Guidance

Using the WebGUI, go to Network >> Management >> Web Management Service. Verify that the "WS-Management endpoint" checkbox is checked and that an IP and port for the WS-Management endpoint to connect to is configured.

If the WS-Management endpoint is not enabled (checked) or not configured, this is a finding.

Check Content Reference

M

Target Key

2859

Comments